ZDNet Multiplexer

mul-ti-plexer-er. noun. A device, in electronics, that synthesizes disparate data signals into a single, uniform output. ZDNet Multiplexer merges various perspectives, media types, and data sources and synthesizes them into one clear message, via a sponsored blog.

ZDNet Multiplexer allows marketers to connect directly with the ZDNet community by enabling them to blog on the ZDNet publishing platform. Content on ZDNet Multiplexer blogs is produced in association with the sponsor and is not part of ZDNet's editorial content.

SPONSORED BY

Are you worried about cloud security?

An analysis of why cloud services are more secure and reliable than on-premises infrastructure.

Security is one of the top concerns for organisations when considering a move to cloud computing, according to research from market analyst Quocirca. Our advice for these businesses is to write down their top five or ten concerns and share them with their IT department. Then ask IT how many of the areas are covered by the organisation's own datacentre - the results could be sobering.

Cloud providers know that they are more attractive targets for attack than the majority of single-user data centres. Therefore, they have to take extra steps to ensure that they are truly secure - and most have the means to do so. By averaging the cost of security over a large number of customers, a good cloud provider can afford to spend more on safeguarding its data than the vast majority of private datacentres.

Where should cloud providers start? Begin by employing people who truly understand security must be comprehensive. A plan must cover not just securing computer systems, but full security that includes the people, the building itself, visitors to the facility, and change management. Cloud providers should have dedicated teams - in Microsoft's case, the Azure Trust Center - that plan and implement broad-scale security policies which are then monitored by the team reacting to security incidents, such as denial-of-service attacks.

Staff should all be background-checked as well - the last thing a secure data centre needs is a black hat inside. Even after background checks, behaviour needs to be monitored to recognise patterns that could indicate employees are not obeying all the security protocols.

Privileged users must be fully monitored. They must never share username and password details, and strictly adhere to two-factor authentication. Most users should not have access to customer data either - just to the systems that users works on. Any external engineer coming onto the site must be provided with a work ticket that states the exact job they do, and where they can go - and they must be accompanied at all times.

The odds are that even the most careful cloud provider will experience the occasional security breach. However, if they have all the right safeguarding policies and procedures in place, the damage should be minimal, or non-existent. Because cloud providers know they are at risk of attack, theytend to be better prepared for breaches than an individual company's private datacentre. Thus, businesses should feel confident that their data is safe if they do choose to go with a cloud service.

Thank You

By registering you become a member of the CBS Interactive family of sites and you have read and agree to the Terms of Use, Privacy Policy and Video Services Policy. You agree to receive updates, alerts and promotions from CBS and that CBS may share information about you with our marketing partners so that they may contact you by email or otherwise about their products or services.
You will also receive a complimentary subscription to the ZDNet's Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time.